<?php

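	// Delete a roster and its player assignments in response to a POST request.
	session_start();
	
	// Check for login.
	// NOTE(review): the mere presence of the remember_atbat cookie is accepted as a
	// login here; its value is never verified in this file. Cookies are client-controlled,
	// so confirm the value is checked against a server-side token before trusting it.
	if(!isset($_SESSION['atbat']) && !isset($_COOKIE['remember_atbat'])) {
	
		// no login, move to index page
		header("Location: http://localhost/atbat/html/");
		// header() only queues the redirect. Without exit the rest of the script,
		// including the DELETE statements, would still run for an unauthenticated request.
		exit;
	
	}
	
	// connect to db (expected to provide $db)
	// NOTE(review): the code below assumes $db is a PDO handle configured with
	// PDO::ERRMODE_EXCEPTION, as the PDOException handler implies — confirm in db.php.
	require_once '../db/db.php';
	
	if(isset($_POST['deleteRoster'])) {
	
		// NOTE(review): this state-changing request carries no anti-CSRF token, and nothing
		// visible here checks that the roster belongs to the logged-in user. Both checks
		// depend on session/schema details outside this file and should be added there.
		
		// Validate the id once and keep the typed result. A strict comparison with false
		// is required because filter_var() returns the integer itself, and 0 is falsy.
		// A missing or array-valued id also yields false.
		$id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT);
		
		if($id === false) {
		
			$message[] = '<p class="error">Cannot validate roster id.</p>';
			$error = true;
			
		}else{
		
			try {
			
				$db->beginTransaction();
				
				// Bound parameters keep the id out of the SQL text entirely, so the
				// statements stay safe even if the validation above is changed later.
				$deleteRoster = $db->prepare("DELETE FROM rosters WHERE roster_id = :id");
				$deleteRoster->bindValue(':id', $id, PDO::PARAM_INT);
				$deleteRoster->execute();
				
				$deletePlayers = $db->prepare("DELETE FROM rosters_players WHERE roster_id = :id");
				$deletePlayers->bindValue(':id', $id, PDO::PARAM_INT);
				$deletePlayers->execute();
				
				$db->commit();
				
				$message[] = '<p class="success">Successfully deleted this roster.</p>';
				
			} catch(PDOException $e) {
			
				// rollBack() throws when no transaction is active (e.g. beginTransaction() failed).
				if($db->inTransaction()) {
					$db->rollBack();
				}
				
				// Keep driver error text (table names, SQL fragments) in the server log
				// instead of echoing it unescaped into the page.
				error_log('Roster delete failed: ' . $e->getMessage());
				
				$message[] = '<p class="error">Could not delete roster.</p>';
				$error = true;
			
			}
			
		}
	
	}
	
	// Every message is a fixed HTML string built above, so it is printed as-is.
	if(isset($message)) foreach($message as $m) print $m;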

?>